Lucene search
K
Billing System ProjectBilling System

4 matches found

CVE
CVE
added 2022/11/22 12:0 a.m.56 views

CVE-2022-43214

Billing System Project v1.0 contains a SQL injection vulnerability in printOrder.php via the orderId parameter. Root cause is lack of input validation, enabling potentially unauthorized access to sensitive database data (CVE-2022-43214). CVSS v3.1 base score 9.8 (CRITICAL). Exploit details are no...

9.8CVSS9.8AI score0.0089EPSS
CVE
CVE
added 2022/11/22 12:0 a.m.56 views

CVE-2022-43215

CVE-2022-43215 affects Billing System Project v1.0. The vulnerability is a SQL injection in the endDate parameter of the getOrderReport.php endpoint, as described across multiple sources. The issue arises from lack of input validation, enabling an attacker to influence SQL queries and potentially...

9.8CVSS9.8AI score0.00871EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.55 views

CVE-2022-41504

CVE-2022-41504 is an arbitrary file upload vulnerability in the Billing System Project v1.0, specifically in the /php_action/editProductImage.php component. The issue allows an attacker to upload a crafted PHP file and achieve arbitrary code execution. The CVSS score is High (7.2) with network at...

7.2CVSS7.3AI score0.01034EPSS
CVE
CVE
added 2022/10/17 12:0 a.m.50 views

CVE-2022-41498

CVE-2022-41498 affects the Billing System Project v1.0, with a confirmed SQL injection vulnerability exploitable via the id parameter at /phpinventory/editbrand.php. The CVE entry lists a base score of 7.2 (High, CVSS 3.1: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). The exploitation status is not provi...

7.2CVSS7.2AI score0.00726EPSS
Web